[CERT-daily] Tageszusammenfassung - 12.03.2019
Daily end-of-shift report
team at cert.at
Tue Mar 12 18:15:01 CET 2019
=====================
= End-of-Day report =
=====================
Timeframe: Montag 11-03-2019 18:00 − Dienstag 12-03-2019 18:00
Handler: Stephan Richter
Co-Handler: n/a
=====================
= News =
=====================
∗∗∗ Sicherheitslücke: Serverbetreiber könnte Schweizer Onlinewahlen manipulieren ∗∗∗
---------------------------------------------
Eine schwere Sicherheitslücke im Onlinewahl-Code der Schweizer Post ermöglicht es dem Betreiber einer Wahl, das Ergebnis zu manipulieren. Die Schweizer Post weiß angeblich schon seit 2017 von dem Problem, der Hersteller hat es jedoch versäumt, den Fehler zu beheben.
---------------------------------------------
https://www.golem.de/news/sicherheitsluecke-serverbetreiber-koennte-schweizer-onlinewahlen-manipulieren-1903-139955-rss.html
∗∗∗ Unpatched Windows Bug Allows Attackers to Spoof Security Dialog Boxes ∗∗∗
---------------------------------------------
Microsoft wont be patching the bug, but a proof of concept shows the potential for successful malware implantation.
---------------------------------------------
https://threatpost.com/windows-bug-spoof-dialog-boxes/142711/
∗∗∗ Identitätsdiebstahl durch Stellenangebote auf ebay Kleinanzeigen ∗∗∗
---------------------------------------------
Wer auf ebay Kleinanzeigen oder ähnlichen Portalen nach Jobs sucht, muss sich vor betrügerischen Angeboten in Acht nehmen. Gute Bezahlung und Arbeit von zu Hause locken zahlreiche Interessent/innen an. So geschehen auch bei der angeblichen CEBIT GmbH: Jobsuchende, die sich hier bewerben und die geforderten Unterlagen versenden, werden Opfer eines Identitätsdiebstahls und eröffnen im Extremfall Bankkonten im eigenen Namen, die später missbraucht werden.
---------------------------------------------
https://www.watchlist-internet.at/news/identitaetsdiebstahl-durch-stellenangebote-auf-ebay-kleinanzeigen/
∗∗∗ WordPress shopping sites under attack ∗∗∗
---------------------------------------------
Hackers using cross-site scripting (XSS) flaw in abandoned cart plugin to take over vulnerable sites.
---------------------------------------------
https://www.zdnet.com/article/wordpress-shopping-sites-under-attack/
=====================
= Vulnerabilities =
=====================
∗∗∗ Security Bulletins Posted ∗∗∗
---------------------------------------------
Adobe has published security bulletins for Adobe Digital Editions (APSB19-16) and Adobe Photoshop CC (APSB19-15). Adobe recommends users update their product installations to the latest versions using the instructions referenced in the bulletin. This posting is provided "AS IS" with no warranties [...]
---------------------------------------------
https://blogs.adobe.com/psirt/?p=1724
∗∗∗ Siemens Security Advisories ∗∗∗
---------------------------------------------
New:
SSA-557804: Mirror Port Isolation Vulnerability in SCALANCE X switches
Updated:
SSA-168644: Spectre and Meltdown Vulnerabilities in Industrial Products
SSA-170881: Vulnerabilities in SINUMERIK Controllers
SSA-203306: Password Vulnerabilities in SIPROTEC 4 and SIPROTEC Compact Relay Families
SSA-254686: Foreshadow / L1 Terminal Fault Vulnerabilities in Industrial Products
SSA-346262: Denial-of-Service in Industrial Products
SSA-348629: Denial-of-Service Vulnerability in SIMATIC PCS 7, SIMATIC WinCC, SIMATIC WinCC Runtime Professional and SIMATIC NET PC Software
SSA-584286: Denial-of-Service Vulnerability in SIMATIC S7-1200 CPU and SIMATIC S7-1500 CPU
SSA-824231: Unauthenticated Firmware Upload Vulnerability in Desigo PX Controllers
SSB-439005: Vulnerabilities in the additional GNU/Linux subsystem of the SIMATIC S7-1500 CPU 1518(F)-4 PN/DP MFP
---------------------------------------------
https://new.siemens.com/global/en/products/services/cert.html
∗∗∗ SAP Security Patch Day - March 2019 ∗∗∗
---------------------------------------------
On 12th of March 2019, SAP Security Patch Day saw the release of 9 Security Notes. Additionally, there were 3 updates to previously released security notes. We would like to inform that the vulnerability fixed by security note 2764283 is expected to be presented by a researcher at a security conference in March 2019. Therefore, we recommend our Customers to apply the SAP Security Note on priority.
---------------------------------------------
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=515408080
∗∗∗ BIG-IP Configuration utility vulnerability CVE-2019-6598 ∗∗∗
---------------------------------------------
BIG-IP Configuration utility vulnerability CVE-2019-6598 Security Advisory Security Advisory Description Malformed requests to the Traffic Management User Interface (TMUI), also referred to as the [...]
---------------------------------------------
https://support.f5.com/csp/article/K44603900
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (pacman), CentOS (java-1.7.0-openjdk), Debian (zabbix), Fedora (kernel-headers), openSUSE (libcomps), Oracle (kernel), Red Hat (chromium-browser), SUSE (ovmf and qemu), and Ubuntu (tiff).
---------------------------------------------
https://lwn.net/Articles/782842/
∗∗∗ [20190301] - Core - XSS in com_config JSON handler ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/JvJtucwH0Xs/772-20190301-core-xss-in-com-config-json-handler.html
∗∗∗ [20190304] - Core - Missing ACL check in sample data plugins ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/yevVdAyNRRI/775-20190304-core-missing-acl-check-in-sample-data-plugins.html
∗∗∗ [20190303] - Core - XSS in media form field ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/-7y5ceiY85g/774-20190303-core-xss-in-media-form-field.html
∗∗∗ [20190302] - Core - XSS in item_title layout ∗∗∗
---------------------------------------------
http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/uD680RYCbkk/773-20190302-core-xss-in-item-title-layout.html
∗∗∗ IBM Security Bulletin: IBM Content Navigator is affected by a code execution vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-content-navigator-is-affected-by-a-code-execution-vulnerability/
∗∗∗ IBM Security Bulletin: Security Vulnerabilities affect IBM Cloud Private Storage – GlusterFS and Minio ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-affect-ibm-cloud-private-storage-glusterfs-and-minio/
∗∗∗ IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private Kiali Istio addon ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-affects-ibm-cloud-private-kiali-istio-addon/
∗∗∗ IBM Security Bulletin: A Security Vulnerability affects IBM Cloud Private Certificate Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-security-vulnerability-affects-ibm-cloud-private-certificate-manager/
∗∗∗ IBM Security Bulletin: Vulnerability in Kerberos affects Power Hardware Management Console ( CVE-2018-5730 CVE-2018-5729) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-kerberos-affects-power-hardware-management-console-cve-2018-5730-cve-2018-5729/
∗∗∗ IBM Security Bulletin: Vulnerability in GnuTLS affects Power Hardware Management Console ( CVE-2018-10845 CVE-2018-10844) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-gnutls-affects-power-hardware-management-console-cve-2018-10845-cve-2018-10844/
∗∗∗ IBM Security Bulletin: Vulnerability in OpenSSL affects Power Hardware Management Console ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerability-in-openssl-affects-power-hardware-management-console/
∗∗∗ IBM Security Bulletin: Multiple security vulnerabilities affect Rational Engineering Lifecycle Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-affect-rational-engineering-lifecycle-manager-2/
∗∗∗ IBM Security Bulletin: Multiple Cross-site scripting vulnerabilities affect IBM® Rational® Team Concert ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-cross-site-scripting-vulnerabilities-affect-ibm-rational-team-concert/
∗∗∗ IBM Security Bulletin: Multiple Security Vulnerabilities affect IBM® Rational® Quality Manager ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-security-vulnerabilities-affect-ibm-rational-quality-manager-6/
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list