[CERT-daily] Tageszusammenfassung - 20.05.2019

Mon May 20 18:58:12 CEST 2019

=====================
= End-of-Day report =
=====================

Timeframe:   Freitag 17-05-2019 18:00 − Montag 20-05-2019 18:00
Handler:     Robert Waldner
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ Sicherheitslücke: Linksys-Router leaken offenbar alle verbundenen Geräte ∗∗∗
---------------------------------------------
Linksys will die Sicherheitslücke bereits 2014 geschlossen haben, doch laut dem Sicherheitsforscher Troy Mursch leaken die Router weiterhin die Daten aller jemals verbundenen Geräte. (Router-Lücke, Netzwerk)
---------------------------------------------
https://www.golem.de/news/sicherheitsluecke-linksys-router-leaken-offenbar-alle-verbundenen-geraete-1905-141367-rss.html


∗∗∗ ENISA is setting the ground for Industry 4.0 Cybersecurity ∗∗∗
---------------------------------------------
The EU Agency for Cybersecurity ENISA is stepping up its efforts to foster cybersecurity for Industry 4.0 by publishing a new paper on ‘Challenges and Recommendations for Industry 4.0 Cybersecurity’ .
---------------------------------------------
https://www.enisa.europa.eu/news/enisa-news/enisa-is-setting-the-ground-for-industry-4-0-cybersecurity


∗∗∗ Security researchers discover Linux version of Winnti malware ∗∗∗
---------------------------------------------
Winnti Linux variant used in 2015 in the hack of a Vietnamese gaming company.
---------------------------------------------
https://www.zdnet.com/article/security-researchers-discover-linux-version-of-winnti-malware/#ftag=RSSbaffb68


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (cups-filters, dhcpcd5, faad2, ghostscript, graphicsmagick, jruby, lemonldap-ng, and libspring-security-2.0-java), Fedora (gnome-desktop3, java-1.8.0-openjdk-aarch32, libu2f-host, samba, sqlite, webkit2gtk3, xen, and ytnef), Mageia (docker, flash-player-plugin, freeradius, libsndfile, libxslt, mariadb, netpbm, python-jinja2, tomcat-native, and virtualbox), openSUSE (kernel and ucode-intel), and SUSE (kernel, kvm, libvirt, nmap, and transfig).
---------------------------------------------
https://lwn.net/Articles/788911/


∗∗∗ MIELE Multiple Vulnerabilities in XGW 3000 ZigBee Gateway ∗∗∗
---------------------------------------------
Miele XGW 3000 is prone to mutiple vulerabilities in version <= 2.3.4 (1.4.6)
---------------------------------------------
https://cert.vde.com/de-de/advisories/vde-2019-010


∗∗∗ IBM Security Bulletin: Vulnerabiliies in ghostscript affect PowerKVM ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-vulnerabiliies-in-ghostscript-affect-powerkvm/


∗∗∗ IBM Security Bulletin: A vulnerability in OpenSSL affects PowerKVM ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-openssl-affects-powerkvm/


∗∗∗ IBM Security Bulletin: A vulnerability in Corosync affects PowerKVM ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-corosync-affects-powerkvm/


∗∗∗ IBM Security Bulletin: A vulnerability in Docker affects PowerKVM ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-in-docker-affects-powerkvm/


∗∗∗ IBM Security Bulletin: Multiple vulnerabilities in IBM Java Runtime affect Tivoli Netcool/OMNIbus (Multiple CVEs) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-tivoli-netcool-omnibus-multiple-cves-3/


∗∗∗ IBM Security Bulletin: API Connect V2018 is impacted by a directory traversal vulnerability in Kubernetes (CVE-2019-1002101) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v2018-is-impacted-by-a-directory-traversal-vulnerability-in-kubernetes-cve-2019-1002101/


∗∗∗ IBM Security Bulletin: API Connect V2018 is impacted by a security degradation vulnerability in Kubernetes (CVE-2019-9946) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v2018-is-impacted-by-a-security-degradation-vulnerability-in-kubernetes-cve-2019-9946/


∗∗∗ IBM Security Bulletin: API Connect V5 is impacted by information disclosure (CVE-2018-1991) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-api-connect-v5-is-impacted-by-information-disclosure-cve-2018-1991/


∗∗∗ HPESBST03928 rev.1 - Command View Advanced Edition (CVAE) Products using JDK, Multiple Vulnerabilities ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03928en_us


∗∗∗ HPESBHF03917 rev.1 - HPE Integrated Lights-Out 4 (iLO 4) for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers, Multiple Remote Vulnerabilities ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03917en_us

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily