[CERT-daily] Tageszusammenfassung - 09.01.2019
Daily end-of-shift report
team at cert.at
Wed Jan 9 18:05:54 CET 2019
=====================
= End-of-Day report =
=====================
Timeframe: Dienstag 08-01-2019 18:00 − Mittwoch 09-01-2019 18:00
Handler: Robert Waldner
Co-Handler: Dimitri Robl
=====================
= News =
=====================
∗∗∗ Face Unlock: 42 von 110 Handys lassen sich mit Portrait-Fotos austricksen ∗∗∗
---------------------------------------------
Im Test einer NGO ließen sich alle Handys von Nokia und Sony mit Portrait-Fotos entsperren. Die Bilanz anderer Hersteller ist mit einer Ausnahme durchwachsen.
---------------------------------------------
http://heise.de/-4269897
∗∗∗ Gefälschte card complete Sicherheits-App enthält Schadsoftware ∗∗∗
---------------------------------------------
Internetnutzer/innen finden gefälschte card complete Nachrichten in ihrem Posteingang. Darin behaupten die kriminellen Versender/innen, dass eine Sicherheits-App am Mobiltelefon installiert werden muss, damit die Kreditkarte weiterhin genutzt werden kann. Die App darf nicht heruntergeladen werden, denn sie enthält Schadsoftware!
---------------------------------------------
https://www.watchlist-internet.at/news/gefaelschte-card-complete-sicherheits-app-enthaelt-schadsoftware/
=====================
= Vulnerabilities =
=====================
∗∗∗ Schneider Electric Zelio Soft 2 ∗∗∗
---------------------------------------------
This advisory provides mitigation recommendations for a use after free vulnerability in Schneider Electrics Zelio Soft 2 programming platform.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-008-01
∗∗∗ Schneider Electric IIoT Monitor ∗∗∗
---------------------------------------------
This advisory includes mitigations for path traversal, unrestricted upload of file with dangerous type, and XXE vulnerabilities in the Schneider Electric IIoT Monitor software.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-008-02
∗∗∗ Intel Patches High-Severity Privilege-Escalation Bugs ∗∗∗
---------------------------------------------
Overall, the chip giant patched five vulnerabilities across an array of its products.
---------------------------------------------
https://threatpost.com/intel-patches-privilege-escalation-bugs/140665/
∗∗∗ Patchday: Fast nur "wichtige" Sicherheitsupdates für Windows & Co. ∗∗∗
---------------------------------------------
Microsoft kümmert sich um Software-Schwachstellen in unter anderem Windows. Nutzer sollten eine baldige Installation der Updates sicherstellen.
---------------------------------------------
http://heise.de/-4269105
∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (elfutils, polkit, and tar), Debian (python-django and ruby-loofah), and Mageia (ansible, avidemux, coreutils, discount, nettle, openafs, opensc, and qtbase5).
---------------------------------------------
https://lwn.net/Articles/776310/
∗∗∗ Cisco Content Security Management Appliance Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20181107-sma-xss
∗∗∗ Cisco ASR 900 Series Aggregation Services Router Software Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-asr900-dos
∗∗∗ Cisco Webex Business Suite Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-webex-bs-xss
∗∗∗ Cisco TelePresence Management Suite Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-tms-xss
∗∗∗ Cisco IOS and IOS XE Software TCP Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-tcp
∗∗∗ Cisco Prime Network Control System Stored Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-pnc-stored-xss
∗∗∗ Cisco IP Phone 8800 Series Arbitrary Script Injection Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-phone-script-injection
∗∗∗ Cisco Jabber Client Framework Instant Message Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-jcf-im-xss
∗∗∗ Cisco Jabber Client Framework Insecure Directory Permissions Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-jabr-mac-permissions
∗∗∗ Cisco Identity Services Engine Password Recovery Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ise-passwd
∗∗∗ Cisco Identity Services Engine Multiple Cross-Site Scripting Vulnerabilities ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ise-multi-xss
∗∗∗ Cisco IOS and IOS XE Software Secure Shell Connection on VRF Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-ios-ssh-vrf
∗∗∗ Cisco Firepower Management Center Disk Utilization Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-fpwr-mc-dos
∗∗∗ Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos
∗∗∗ Cisco Email Security Appliance Memory Corruption Denial of Service Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-dos
∗∗∗ Cisco Unified Communications Manager Digest Credentials Disclosure Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cucm-creds-disclosr
∗∗∗ Cisco Policy Suite for Mobile and Cisco Policy Suite Diameter Routing Agent Software Redis Server Unauthenticated Access Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-redis
∗∗∗ Cisco Policy Suite Graphite Unauthenticated Read-Only Access Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cps-graphite-access
∗∗∗ Cisco Prime Infrastructure Cross-Site Scripting Vulnerability ∗∗∗
---------------------------------------------
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-cpi-xss
∗∗∗ Security Advisory - Two Vulnerabilities in Huawei PCManager Porduct ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190109-01-pcmanager-en
∗∗∗ Security Advisory - Use After Free Vulnerability on Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2019/huawei-sa-20190109-01-smartphone-en
∗∗∗ IBM Security Bulletin: IBM Integration Bus affected by an httpclient package in WAS internally Vulnerability(CVE-2012-5783) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-integration-bus-affected-by-an-httpclient-package-in-was-internally-vulnerabilitycve-2012-5783/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list