[CERT-daily] Tageszusammenfassung - 12.04.2019

Fri Apr 12 18:08:40 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 11-04-2019 18:00 − Freitag 12-04-2019 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ 0day im Internet Explorer: Dateidiebstahl auf Windows-PCs ∗∗∗
---------------------------------------------
Ein Problem im Internet-Explorer gefährdet alle Windows-Nutzer – auch wenn sie den Zombie-Browser nicht nutzen. Microsoft will das jedoch nicht patchen.
---------------------------------------------
http://heise.de/-4398797


∗∗∗ Messenger: Matrix.org-Server gehackt ∗∗∗
---------------------------------------------
Mit Matrix.org ist einer der am meisten genutzten Server des Messengers Matrix gehackt worden. Betroffene sollten umgehend ihr Passwört ändern. Auch der vermeintliche Angreifer gibt Sicherheitstipps auf Github. (Matrix, Instant Messenger)
---------------------------------------------
https://www.golem.de/news/messenger-matrix-org-server-gehackt-1904-140655-rss.html


∗∗∗ Bad news, everyone! New [BGP] hijack attack in the wild ∗∗∗
---------------------------------------------
With this article, we want to show an example of the attack where not only the true attacker was under the question, but the whole list of affected prefixes. Moreover, it again raises concerns about the possible motives for the future attack of this type.
---------------------------------------------
https://habr.com/en/company/qrator/blog/447776/


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Vuln: Multiple VMware Products CVE-2019-5516 Out of Bounds Read Information Disclosure Vulnerability ∗∗∗
---------------------------------------------
VMWare Workstation, VMWare Fusion, VMWare Esxi
Multiple VMware products are prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information or cause denial-of-service condition. 
---------------------------------------------
http://www.securityfocus.com/bid/107878


∗∗∗ Vuln: Oracle April 2019 Critical Patch Update Multiple Vulnerabilities ∗∗∗
---------------------------------------------
Oracle has released advance notification regarding the April 2019 Critical Patch Update (CPU) to be released on April 16, 2019. The update addresses 296 vulnerabilities
---------------------------------------------
http://www.securityfocus.com/bid/107875


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by CentOS (freerdp, kernel, openssh, and python), Fedora (checkstyle), openSUSE (bluez, file, kernel, and libarchive), SUSE (apache2, curl, ghostscript, libvirt, openssh, and systemd), and Ubuntu (rssh).
---------------------------------------------
https://lwn.net/Articles/785841/


∗∗∗ WAGO Undocumented service access in Series 750-88x and 750-87x devices ∗∗∗
---------------------------------------------
CVE Identifier CVE-2019-10712
Severity 9.8 (CVSS:3.0:AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) 
---------------------------------------------
https://cert.vde.com/de-de/advisories/vde-2019-008


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-financial-transaction-manager-for-corporate-payment-services-for-multi-platform-v2-1-1/


∗∗∗ IBM Security Bulletin: Multiple Vulnerabilities in IBM Java SDK Affect IBM Algo Credit Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-algo-credit-manager-6/


∗∗∗ IBM Security Bulletin: IBM Algo Credit Manager Is Affected by a Pivotal Spring Framework Vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-algo-credit-manager-is-affected-by-a-pivotal-spring-framework-vulnerability/


∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in cURL (CVE-2018-16840 CVE-2018-16842) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerabilities-in-curl-cve-2018-16840-cve-2018-16842/


∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in OpenSSH (CVE-2018-15473) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerability-in-openssh-cve-2018-15473/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer and IBM Watson Content Analytics ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-watson-explorer-and-ibm-watson-content-analytics/


∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in python (CVE-2018-14647) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerability-in-python-cve-2018-14647/


∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerability in PHP (CVE-2018-17082) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerability-in-php-cve-2018-17082/


∗∗∗ IBM Security Bulletin: IBM BladeCenter Advanced Management Module (AMM) is affected by vulnerabilities in X.Org libx11 (CVE-2018-14599 CVE-2018-14598) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-bladecenter-advanced-management-module-amm-is-affected-by-vulnerabilities-in-x-org-libx11-cve-2018-14599-cve-2018-14598/


∗∗∗ Apache Thrift vulnerability CVE-2018-1320 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K36361684

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily