[CERT-daily] Tageszusammenfassung - 25.02.2019

Daily end-of-shift report team at cert.at
Mon Feb 25 18:13:21 CET 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 22-02-2019 18:00 − Montag 25-02-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Stephan Richter

=====================
=       News        =
=====================

∗∗∗ Sicherheitslücken: PDF-Signaturen fälschen leicht gemacht ∗∗∗
---------------------------------------------
Signaturen von PDF-Dateien sind offenbar nicht besonders sicher: Einem Forscherteam der Uni Bochum gelang es, die Signaturprüfung in nahezu allen PDF-Programmen auszutricksen.
---------------------------------------------
https://www.golem.de/news/sicherheitsluecken-pdf-signaturen-faelschen-leicht-gemacht-1902-139589-rss.html


∗∗∗ How to Use an Audit Log to Practice WordPress Forensics ∗∗∗
---------------------------------------------
User accountability, improved security & forensics, adhering to compliance and easy troubleshooting are just a few of the benefits of keeping an activity log on your WordPress site.
---------------------------------------------
https://www.htbridge.com/blog/benefits-activity-logs-wordpress-site.html


∗∗∗ Geldwäsche durch Bewerbung bei nebenverdienst-jobs.de ∗∗∗
---------------------------------------------
Über diverse Job-Plattformen und Inseratsseiten locken Kriminelle Konsument/innen auf nebenverdienst-jobs.de. Job-Suchenden werden hier monatliche Überweisungen für das Eröffnen und Zurverfügungstellen eines Bankkontos versprochen. Interessent/innen dürfen sich keinesfalls bewerben, denn es handelt sich um eine Methode der Geldwäsche, durch die sich Konsument/innen unter Umständen strafbar machen.
---------------------------------------------
https://www.watchlist-internet.at/news/geldwaesche-durch-bewerbung-bei-nebenverdienst-jobsde/


∗∗∗ New browser attack lets hackers run bad code even after users leave a web page ∗∗∗
---------------------------------------------
MarioNet attack lets hackers create botnets from users browsers.
---------------------------------------------
https://www.zdnet.com/article/new-browser-attack-lets-hackers-run-bad-code-even-after-users-leave-a-web-page/#ftag=RSSbaffb68



=====================
=  Vulnerabilities  =
=====================

∗∗∗ SSA-844562: Multiple Vulnerabilities in Licensing Software for WinCC OA ∗∗∗
---------------------------------------------
Multiple vulnerabilities have been identified in the WibuKey Digital Rights Management (DRM) solution, which affect WinCC OA. Siemens recommends users to apply the updates to WibuKey Digital Rights Management (DRM) provided by WIBU SYSTEMS AG.
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-844562.txt


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (msmtp and python-mysql-connector), Debian (freedink-dfarc, rssh, sox, and waagent), Fedora (docker-latest, java-1.8.0-openjdk, koji, pagure, poppler, and spice), openSUSE (ansible, GraphicsMagick, mosquitto, pspp, spread-sheet-widget, and python-python-gnupg), Red Hat (chromium-browser), Slackware (file), SUSE (kernel, python-Django, qemu, and thunderbird), and Ubuntu (bind9).
---------------------------------------------
https://lwn.net/Articles/780692/


∗∗∗ SA-CORE-2019-003 Notice of increased risk and Additional exploit path - PSA-2019-02-22 ∗∗∗
---------------------------------------------
[...] This Public Service Announcement is a follow-up to SA-CORE-2019-003. This is not an announcement of a new vulnerability. If you have not updated your site as described in SA-CORE-2019-003 you should do that now. There are public exploits now available for this SA.
---------------------------------------------
https://www.drupal.org/psa-2019-02-22


∗∗∗ PHP: Mehrere Schwachstellen ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0166


∗∗∗ IBM Security Bulletin: BigFix deployments with internet-facing relays that are not configured as authenticating are prone to security threats (CVE-2019-4061) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-bigfix-deployments-with-internet-facing-relays-that-are-not-configured-as-authenticating-are-prone-to-security-threats-cve-2019-4061/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities affect IBM Cloud Object Storage SDK Java (Feb 2019) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-affect-ibm-cloud-object-storage-sdk-java-feb-2019/


∗∗∗ IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by a potential directory listing of internal product files vulnerability (CVE-2018-2026) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-corporate-payment-services-for-multi-platform-v2-1-1-is-affected-by-a-potential-directory-listing-of-internal-product-files-vulnerability-cve/


∗∗∗ IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services for Multi-Platform v2.1.1 is affected by a potential SQL Injection vulnerability CVE-2018-1819 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-corporate-payment-services-for-multi-platform-v2-1-1-is-affected-by-a-potential-sql-injection-vulnerability-cve-2018-1819/


∗∗∗ IBM Security Bulletin: Financial Transaction Manager for Corporate Payment Services 2.1.1: Information Leakage in configuration listing (CVE-2018-1670) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-financial-transaction-manager-for-corporate-payment-services-2-1-1-information-leakage-in-configuration-listing-cve-2018-1670/


∗∗∗ IBM Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( CVE-2018-11784) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-apache-tomcat-affects-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products-cve-2018-11784/


∗∗∗ IBM Security Bulletin: Vulnerability in OpenSLP affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ( CVE-2017-17833) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-openslp-affects-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products-cve-2017-17833/


∗∗∗ IBM Security Bulletin: Vulnerability in Service Assistant affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (CVE-2018-1775) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-service-assistant-affects-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products-cve-2018-1775/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in the Linux kernel affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-the-linux-kernel-affect-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products/


∗∗∗ IBM Security Bulletin: Vulnerability in DHCP affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products (CVE-2018-5732) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-dhcp-affects-ibm-san-volume-controller-ibm-storwize-ibm-spectrum-virtualize-and-ibm-flashsystem-products-cve-2018-5732/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list