[CERT-daily] Tageszusammenfassung - 29.03.2019

Daily end-of-shift report team at cert.at
Fri Mar 29 18:12:26 CET 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Donnerstag 28-03-2019 18:00 − Freitag 29-03-2019 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ Schwere Sicherheitslücke in SSL/TLS-Bibliothek axTLS ∗∗∗
---------------------------------------------
Webserver, die die Transportverschlüsselung über axTLS realisieren, sind für Angriffe empfänglich.
---------------------------------------------
http://heise.de/-4355704


∗∗∗ World Backup Day: Is your data in safe hands? ∗∗∗
---------------------------------------------
World Backup Day is a reminder that organizations and individuals need to make data backup and protection a priority
---------------------------------------------
https://www.welivesecurity.com/2019/03/29/world-backup-day-data-safe-hands/


∗∗∗ TLS CBC Padding Oracles in 2019 ∗∗∗
---------------------------------------------
Since August, I've spent countless hours studying CBC padding oracle attacks toward the development of a new scan tool called padcheck. Using this tool, I was able to identify thousands of popular domains which could be targeted by an active network adversary (i.e. MiTM) to hijack authenticated HTTPS sessions. The underlying vulnerabilities break down into [...]
---------------------------------------------
https://www.tripwire.com/state-of-security/vert/tls-cbc-padding-oracles/


∗∗∗ Researchers discover and abuse new undocumented feature in Intel chipsets ∗∗∗
---------------------------------------------
Researchers find new Intel VISA (Visualization of Internal Signals Architecture) debugging technology.
---------------------------------------------
https://www.zdnet.com/article/researchers-discover-and-abuse-new-undocumented-feature-in-intel-chipsets/


∗∗∗ Researchers publish list of MAC addresses targeted in ASUS hack ∗∗∗
---------------------------------------------
Most of the targeted MAC addresses are used by ASUStek, Intel, and AzureWave devices.
---------------------------------------------
https://www.zdnet.com/article/researchers-publish-list-of-mac-addresses-targeted-in-asus-hack/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Rockwell Automation PowerFlex 525 AC Drives ∗∗∗
---------------------------------------------
This advisory includes mitigations for a resource exhaustion vulnerability reported in Rockwell Automations PowerFlex 525 AC drive.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-087-01


∗∗∗ Magento 2.3.1, 2.2.8 and 2.1.17 Security Update ∗∗∗
---------------------------------------------
Magento Commerce and Open Source 2.3.1, 2.2.8 and 2.1.17 contain multiple security enhancements that help close Remote Code Execution (RCE), Cross-Site Scripting (XSS) and other vulnerabilities.
---------------------------------------------
https://magento.com/security/patches/magento-2.3.1-2.2.8-and-2.1.17-security-update


∗∗∗ VMSA-2019-0004 ∗∗∗
---------------------------------------------
VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0004.html


∗∗∗ VMSA-2019-0005 ∗∗∗
---------------------------------------------
VMware ESXi, Workstation and Fusion updates address multiple security issues.
---------------------------------------------
https://www.vmware.com/security/advisories/VMSA-2019-0005.html


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (dovecot and imagemagick), Debian (dovecot, libraw, pdns, and ruby2.1), Fedora (mingw-podofo, openwsman, podofo, qemu, and svgsalamander), openSUSE (chromium, ffmpeg-4, firefox, libssh2_org, nodejs4, and qemu), Red Hat (libssh2), Scientific Linux (libssh2 and thunderbird), SUSE (kernel, liblouis, ntp, openssl-1_1, and tiff), and Ubuntu (firefox, freeimage, libapache2-mod-auth-mellon, and thunderbird).
---------------------------------------------
https://lwn.net/Articles/784370/


∗∗∗ Vuln: Apache HBase CVE-2019-0212 Authorization Bypass Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/107624


∗∗∗ Vuln: Apache ActiveMQ CVE-2019-0222 Denial of Service Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/107622


∗∗∗ GnuTLS: Mehrere Schwachstellen ermöglichen Denial of Service ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K19-0253


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Rational DOORS Web Access ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-rational-doors-web-access-8/


∗∗∗ IBM Security Bulletin: IBM Event Streams is affected by cURL vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-affected-by-curl-vulnerabilities-2/


∗∗∗ IBM Security Bulletin: IBM Event Streams is affected by vulnerabilities in the shipped Node runtime ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-affected-by-vulnerabilities-in-the-shipped-node-runtime/


∗∗∗ IBM Security Bulletin: IBM Event Streams is affected by jackson-databind vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-affected-by-jackson-databind-vulnerabilities/


∗∗∗ IBM Security Bulletin: Rational Build Forge Security Advisory for Apache HTTP Server (CVE-2019-0190; CVE-2018-17189; CVE-2018-17199) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-rational-build-forge-security-advisory-for-apache-http-server-cve-2019-0190-cve-2018-17189-cve-2018-17199/


∗∗∗ IBM Security Bulletin: IBM Event Streams is affected by Alpine vulnerability CVE-2018-1000849 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-affected-by-alpine-vulnerability-cve-2018-1000849/


∗∗∗ IBM Security Bulletin: IBM Event Streams is affected by Node.js vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-affected-by-node-js-vulnerabilities/


∗∗∗ IBM Security Bulletin: Security vulnerabilities identified in OpenSSL affect Rational Build Forge (CVE-2018-0734, CVE-2018-5407 and CVE-2019-1559) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-security-vulnerabilities-identified-in-openssl-affect-rational-build-forge-cve-2018-0734-cve-2018-5407-and-cve-2019-1559/


∗∗∗ IBM Security Bulletin: IBM Event Streams is affected by OpenSSL vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-affected-by-openssl-vulnerabilities/


∗∗∗ IBM Security Bulletin: IBM Event Streams is affected by gettext vulnerability CVE-2018-18751 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-event-streams-is-affected-by-gettext-vulnerability-cve-2018-18751/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list