[CERT-daily] Tageszusammenfassung - 06.02.2019

Daily end-of-shift report team at cert.at
Wed Feb 6 18:24:12 CET 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 05-02-2019 18:00 − Mittwoch 06-02-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Nicht auf apfel-deals.com bestellen! ∗∗∗
---------------------------------------------
apfel-deals.com wirbt aktuell aktiv um Kundschaft. Im Angebot hat der Shop den Großteil des Apple-Produktsortiments, wie zum Beispiel iPhones, MacBooks, iPads und die Apple Watch. Achtung: Die Preise sind zwar verlockend, doch es handelt sich um einen Fake-Shop, der keine Waren liefert. Konsument/innen zahlen per Vorkasse und verlieren dadurch ihr Geld an Kriminelle!
---------------------------------------------
https://www.watchlist-internet.at/news/nicht-auf-apfel-dealscom-bestellen/


∗∗∗ SuperBoost Wifi hält nicht, was es verspricht! ∗∗∗
---------------------------------------------
Auf superboostwifi.com bewirbt die Firma Strong Current Enterprises Limited ein Gerät, das in der Lage sein soll, die Geschwindigkeitsbegrenzung von Internet-Verbindungen auszuhebeln. Tatsächlich handelt es sich beim SuperBoost Wifi Booster lediglich um einen vergleichsweise teuren WLAN-Repeater. Die Internet-Geschwindigkeit bleibt ein und dieselbe, nur die Reichweite wird verbessert.
---------------------------------------------
https://www.watchlist-internet.at/news/superboost-wifi-haelt-nicht-was-es-verspricht/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ AVEVA InduSoft Web Studio and InTouch Edge HMI ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for Missing Authentication for Critical Function and Resource Injection vulnerabilities reported in the AVEVA InduSoft Web Studio and InTouch Edge HMI (formerly InTouch Machine Edition) applications.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-01


∗∗∗ Rockwell Automation EtherNet/IP Web Server Modules ∗∗∗
---------------------------------------------
This advisory includes mitigations for an improper input validation vulnerability reported in the Rockwell Automation EtherNet/IP Web Server Modules.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-02


∗∗∗ WECON LeviStudioU ∗∗∗
---------------------------------------------
This advisory includes mitigations for stack-based buffer overflow, heap-based buffer overflow, and memory corruption vulnerabilities reported in WECONs LeviStudioU.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-03


∗∗∗ Siemens SIMATIC S7-1500 CPU ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for uncontrolled resource consumption vulnerabilities reported in Siemens SIMATIC SV-1500 CPU.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-04


∗∗∗ Kunbus PR100088 Modbus Gateway ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for improper authentication, missing authentication for critical function, and improper input validation vulnerabilities reported in the Kunbus PR100088 Modbus gateway.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-036-05


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (dovecot and libav), openSUSE (kernel and krb5), Scientific Linux (thunderbird), SUSE (curl, lua53, python3, and spice), and Ubuntu (dovecot).
---------------------------------------------
https://lwn.net/Articles/779098/


∗∗∗ ZDI: (0day) Hewlett Packard Enterprise Intelligent Management Vulnerabilities ∗∗∗
---------------------------------------------
http://www.zerodayinitiative.com/advisories/ZDI-19-162/
http://www.zerodayinitiative.com/advisories/ZDI-19-172/
http://www.zerodayinitiative.com/advisories/ZDI-19-171/
http://www.zerodayinitiative.com/advisories/ZDI-19-170/
http://www.zerodayinitiative.com/advisories/ZDI-19-169/
http://www.zerodayinitiative.com/advisories/ZDI-19-168/
http://www.zerodayinitiative.com/advisories/ZDI-19-167/
http://www.zerodayinitiative.com/advisories/ZDI-19-166/
http://www.zerodayinitiative.com/advisories/ZDI-19-165/
http://www.zerodayinitiative.com/advisories/ZDI-19-164/
http://www.zerodayinitiative.com/advisories/ZDI-19-163/


∗∗∗ Cisco Aironet Active Sensor Static Credentials Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-aas-creds


∗∗∗ Cisco Web Security Appliance Decryption Policy Bypass Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-wsa-bypass


∗∗∗ Cisco Webex Business Suite Content Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-webex-injection


∗∗∗ Cisco Webex Meetings for Android Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-webex-andro-xss


∗∗∗ Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-tms-xss


∗∗∗ Cisco TelePresence Management Suite Simple Object Access Protocol Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-tms-soap


∗∗∗ Cisco TelePresence Conductor, Cisco Expressway Series, and Cisco TelePresence Video Communication Server REST API Server-Side Request Forgery Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-rest-api-ssrf


∗∗∗ Cisco Meeting Server SIP Processing Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-meeting-sipdos


∗∗∗ Cisco Identity Services Engine Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-ise-xss


∗∗∗ Cisco Firepower Management Center Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-fmc-xss


∗∗∗ Cisco Unified Intelligence Center Software Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cuic-xss


∗∗∗ Cisco Meeting Server Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190206-cms-dos


∗∗∗ IBM Security Bulletin: Potential denial of service in WebSphere Application Server (CVE-2018-10237) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-potential-denial-of-service-in-websphere-application-server-cve-2018-10237/


∗∗∗ IBM Security Bulletin: IBM DataPower Gateway is affected by vulnerabilities in OpenSSL ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-datapower-gateway-is-affected-by-vulnerabilities-in-openssl/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation for Multiplatforms (CVE-2018-3180, CVE-2018-3139) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-for-multiplatforms-cve-2018-3180-cve-2018-3139/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM Tivoli System Automation Application Manager (CVE-2018-3180, CVE-2018-3139) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-tivoli-system-automation-application-manager-cve-2018-3180-cve-2018-3139/


∗∗∗ IBM Security Bulletin: IBM SPSS Statistics is affected by CVE-2018-3139 and CVE-2018-3180 vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-spss-statistics-is-affected-by-cve-2018-3139-and-cve-2018-3180-vulnerabilities/


∗∗∗ IBM Security Bulletin: IBM DataPower Gateway is affected by a vulnerability in Node.js (CVE-2018-12123) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-datapower-gateway-is-affected-by-a-vulnerability-in-node-js-cve-2018-12123/


∗∗∗ IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY Reflected XSS in WebSphereSamISP ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-email-is-affected-by-3rd-party-reflected-xss-in-webspheresamisp/


∗∗∗ IBM Security Bulletin: IBM PureApplication Service is affected by a GPFS vulnerability (CVE-2018-1723) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-pureapplication-service-is-affected-by-a-gpfs-vulnerability-cve-2018-1723/


∗∗∗ IBM Security Bulletin: IBM DataPower Gateway is affected by a message injection vulnerability (CVE-2018-1666) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-datapower-gateway-is-affected-by-a-message-injection-vulnerability-cve-2018-1666/


∗∗∗ IBM Security Bulletin: Content Collector for Email is affected by 3RD PARTY WebSphere XSS ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-content-collector-for-email-is-affected-by-3rd-party-websphere-xss/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list