[CERT-daily] Tageszusammenfassung - 02.05.2019

Daily end-of-shift report team at cert.at
Thu May 2 18:14:54 CEST 2019


=====================
= End-of-Day report =
=====================

Timeframe:   Dienstag 30-04-2019 18:00 − Donnerstag 02-05-2019 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Phishing-Mail hat es auf Ihr Willhaben-Konto abgesehen ∗∗∗
---------------------------------------------
Erneut sind Phishing-Mails Krimineller im Umlauf. Die Mails erwecken den Anschein, von der Kleinanzeigenplattform Willhaben zu stammen und informieren über die Veröffentlichung einer Verkaufsanzeige für eine Samsung Waschmaschine. Empfänger/innen dürfen den Links in der Nachricht nicht folgen und keine Daten eingeben, ansonsten verlieren sie ihr Willhaben-Konto.
---------------------------------------------
https://www.watchlist-internet.at/news/phishing-mail-hat-es-auf-ihr-willhaben-konto-abgesehen/


∗∗∗ JavaScript card sniffing attacks spread to other e-commerce platforms ∗∗∗
---------------------------------------------
OpenCart, OSCommerce, WooCommerce, Shopify are also being targeted.
---------------------------------------------
https://www.zdnet.com/article/javascript-card-sniffer-attacks-spread-to-other-e-commerce-platforms/


∗∗∗ 50,000 enterprise firms running SAP software vulnerable to attack ∗∗∗
---------------------------------------------
9 out of 10 SAP production systems are believed to be vulnerable to new exploits.
---------------------------------------------
https://www.zdnet.com/article/50000-enterprise-firms-running-sap-software-vulnerable-to-attack/



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Sicherheitslücke: Treiberinstallation auf Dell-Laptops angreifbar ∗∗∗
---------------------------------------------
Eine auf Dell-Laptops vorinstallierte Windows-Software zur Installation von Treibern öffnet einen lokalen HTTP-Server. Ein Netzwerkangreifer kann das missbrauchen, um Schadsoftware zu installieren.
---------------------------------------------
https://www.golem.de/news/sicherheitsluecke-treiberinstallation-auf-dell-laptops-angreifbar-1905-140995-rss.html


∗∗∗ Rockwell Automation CompactLogix 5370 ∗∗∗
---------------------------------------------
This advisory includes mitigations for uncontrolled resource consumption and stack-based buffer overflow vulnerabilities reported in Rockwell Automation’s CompactLogix 5370 controllers.
---------------------------------------------
https://ics-cert.us-cert.gov/advisories/ICSA-19-120-01


∗∗∗ Citrix SD-WAN Security Update ∗∗∗
---------------------------------------------
An information disclosure vulnerability has been identified in the Citrix SD-WAN Appliance. This vulnerability could allow an unauthenticated attacker to perform a man-in-the-middle attack against management traffic.
---------------------------------------------
https://support.citrix.com/article/CTX247735


∗∗∗ Jetzt patchen: Cisco schließt Lücken in zahlreichen Produkten ∗∗∗
---------------------------------------------
Es ist mal wieder so weit: Netzwerkausrüster Cisco hat zahlreiche Aktualisierungen veröffentlicht. Eine der gepatchten Lücken gilt als kritisch.
---------------------------------------------
https://heise.de/-4411599


∗∗∗ Security updates for Wednesday ∗∗∗
---------------------------------------------
Security updates have been issued by Fedora (libmediainfo, php-horde-horde, and php-horde-turba), SUSE (hostinfo, supportutils, libjpeg-turbo, and openssl), and Ubuntu (dovecot, libpng1.6, and memcached).
---------------------------------------------
https://lwn.net/Articles/787232/


∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (proftpd-dfsg and signing-party), Fedora (php-horde-horde and php-horde-turba), and Ubuntu (php5).
---------------------------------------------
https://lwn.net/Articles/787299/


∗∗∗ Many Vulnerabilities Found in Wireless Presentation Devices ∗∗∗
---------------------------------------------
Researchers at Tenable have discovered a total of 15 vulnerabilities across eight wireless presentation systems, including flaws that can be exploited to remotely hack devices. read more
---------------------------------------------
https://www.securityweek.com/many-vulnerabilities-found-wireless-presentation-devices


∗∗∗ Vuln: Microsoft Visual Studio asm Remote Memory Corruption Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/108122


∗∗∗ Vuln: Apache Archiva CVE-2019-0214 Arbitrary File Write Vulnerability ∗∗∗
---------------------------------------------
http://www.securityfocus.com/bid/108124


∗∗∗ IBM Security Advisories ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/


∗∗∗ Appliance mode vulnerability CVE-2019-6614 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K46524395


∗∗∗ CGNAT/PPTP vulnerability CVE-2019-6611 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K47527163


∗∗∗ DNS vulnerability CVE-2019-6612 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K24401914


∗∗∗ Appliance mode tmsh vulnerability CVE-2019-6615 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K87659521


∗∗∗ Appliance mode tmsh vulnerability CVE-2019-6616 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K82814400


∗∗∗ SNMP vulnerability CVE-2019-6613 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K27400151


∗∗∗ BIG-IP Resource Administrator vulnerability CVE-2019-6618 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K07702240


∗∗∗ BIG-IP Resource Administrator vulnerability CVE-2019-6617 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K38941195


∗∗∗ HTTP/2 ALPN vulnerability CVE-2019-6619 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K94563344


∗∗∗ NodeJS vulnerability CVE-2018-12120 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K37111863

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily




More information about the Daily mailing list