[CERT-daily] Daily summary - 20.02.2019

Daily end-of-shift report team at cert.at
Wed Feb 20 18:14:31 CET 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Tuesday 19-02-2019 18:00 − Wednesday 20-02-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ SQL injection explained: How SQLi attacks work and how to prevent them ∗∗∗
---------------------------------------------
What is SQL injection? SQL injection is a type of attack that can give an adversary complete control over your web application database by inserting arbitrary SQL code into a database query. Immortalized by "Little Bobby Drop Tables" in XKCD 327, SQL injection (SQLi) was first discovered in 1998, yet continues to plague web applications across the internet. Even the OWASP Top Ten lists injection as the number one threat to web application security.
---------------------------------------------
https://www.csoonline.com/article/3257429/application-security/what-is-sql-injection-this-oldie-but-goodie-can-make-your-web-applications-hurt.html


∗∗∗ Security: GitHub launches Safe Harbor for its bug bounty program ∗∗∗
---------------------------------------------
To give participants in its bug bounty program better legal protection, GitHub is launching a Safe Harbor program intended to cover the actions of security researchers. The guidelines are based on GitHub's own experience and on templates from the community. The program itself is also being expanded. (GitHub, copyright)
---------------------------------------------
https://www.golem.de/news/sicherheit-github-startet-safe-harbor-fuer-bug-bounty-programm-1902-139496-rss.html


∗∗∗ Password Managers: Under the Hood of Secrets Management ∗∗∗
---------------------------------------------
[...] In this paper we propose security guarantees password managers should offer and examine the underlying workings of five popular password managers targeting the Windows 10 platform: 1Password 7, 1Password 4, Dashlane, KeePass, and LastPass.
---------------------------------------------
https://www.securityevaluators.com/casestudies/password-manager-hacking/


∗∗∗ Phishers’ new trick for bypassing email URL filters ∗∗∗
---------------------------------------------
Phishers have come up with another trick to make Office documents carrying malicious links undetectable by many e-mail security services: they delete the links from the document’s relationship file (xml.rels). The trick has been spotted being used in an e-mail spam campaign aimed at leading victims to a credential harvesting login page.
---------------------------------------------
https://www.helpnetsecurity.com/2019/02/20/phishers-new-trick-for-bypassing-email-url-filters/


∗∗∗ Combing Through Brushaloader Amid Massive Detection Uptick ∗∗∗
---------------------------------------------
Nick Biasini and Edmund Brumaghin authored this blog post with contributions from Matthew Molyett.

Executive Summary

Over the past several months, Cisco Talos has been monitoring various malware distribution campaigns leveraging the malware loader Brushaloader to deliver malware payloads to systems. Brushaloader is currently characterized by the use of various scripting elements, such as PowerShell, to minimize the number of artifacts left on infected systems.
---------------------------------------------
https://blog.talosintelligence.com/2019/02/combing-through-brushaloader.html


∗∗∗ Siegeware: When criminals take over your smart building ∗∗∗
---------------------------------------------
Siegeware is what you get when cybercriminals mix the concept of ransomware with building automation systems: abuse of equipment control software to threaten access to physical facilities.
---------------------------------------------
https://www.welivesecurity.com/2019/02/20/siegeware-when-criminals-take-over-your-smart-building/
=====================
=  Vulnerabilities  =
=====================

∗∗∗ Intel Data Center Manager SDK ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for improper authentication, protection mechanism failure, permission issues, key management errors, and insufficient control flow management vulnerabilities reported in Intel's Data Center Manager software development kit.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-01


∗∗∗ Delta Industrial Automation CNCSoft ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for an out-of-bounds read vulnerability reported in the Delta Electronics Delta Industrial Automation CNCSoft.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-02


∗∗∗ Horner Automation Cscape ∗∗∗
---------------------------------------------
This advisory includes mitigations for an improper input validation vulnerability in the Horner Automation Cscape software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-03


∗∗∗ Rockwell Automation Allen-Bradley PowerMonitor 1000 ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for cross-site scripting and authentication bypass vulnerabilities reported in Rockwell Automation's Allen-Bradley PowerMonitor 1000, a compact power monitor.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-050-04


∗∗∗ WordPress 5.0.0 Remote Code Execution ∗∗∗
---------------------------------------------
This blog post details how a combination of a Path Traversal and Local File Inclusion vulnerability led to Remote Code Execution in the WordPress core. The vulnerability remained undiscovered in the WordPress core for over 6 years.
---------------------------------------------
https://blog.ripstech.com/2019/wordpress-image-remote-code-execution/


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (ansible, drupal7, and systemd), Fedora (botan2, ceph, and firefox), Oracle (firefox, flatpak, and systemd), Red Hat (firefox), SUSE (gvfs, kernel, libqt5-qtbase, python-numpy, and qemu), and Ubuntu (gdm3).
---------------------------------------------
https://lwn.net/Articles/780344/


∗∗∗ Cisco IP Phone 7800 and 8800 Series Cisco Discovery Protocol and Link Layer Discovery Protocol Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cdp-lldp-dos


∗∗∗ Cisco Webex Teams for iOS Arbitrary File Upload Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-webx-ios-file


∗∗∗ Cisco Prime Infrastructure Certificate Validation Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-prime-validation


∗∗∗ Cisco Prime Collaboration Assurance Software Unauthenticated Access Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-pca-access


∗∗∗ Cisco Network Convergence System 1000 Series TFTP Directory Traversal Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-ncs


∗∗∗ Cisco SPA112, SPA525, and SPA5x5 Series IP Phones Certificate Validation Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-ipphone-certs


∗∗∗ Cisco IoT Field Network Director XML External Entity Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-iot-fnd-xml


∗∗∗ Cisco HyperFlex Software Command Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyperflex-injection


∗∗∗ Cisco Hyperflex Stored Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-xss


∗∗∗ Cisco HyperFlex Arbitrary Statistics Write Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-write


∗∗∗ Cisco HyperFlex Unauthenticated Statistics Retrieval Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-hyper-retrieve


∗∗∗ Cisco Firepower Threat Defense Software SSL or TLS Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-fpwr-ssltls-dos


∗∗∗ Cisco Firepower 9000 Series Firepower 2-Port 100G Double-Width Network Module Queue Wedge Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-firpwr-dos


∗∗∗ Cisco Unity Connection Reflected Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-cuc-rxss


∗∗∗ Cisco HyperFlex Software Unauthenticated Root Access Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190220-chn-root-access


∗∗∗ Security Advisory - Double Free Vulnerability on Bastet Module of Some Huawei Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190220-01-smartphone-en


∗∗∗ Security Advisory - Out-of-bounds Read Vulnerability in Some Huawei Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190220-01-phone-en


∗∗∗ Security Advisory - Information Leak Vulnerability in Some Huawei Smart Phones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190220-01-informationleak-en


∗∗∗ IBM Security Bulletin: IBM has announced a release for IBM Security Identity Governance and Intelligence in response to multiple security vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-has-announced-a-release-for-ibm-security-identity-governance-and-intelligence-in-response-to-multiple-security-vulnerabilities-2/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily