[CERT-daily] Tageszusammenfassung - 08.10.2019
Daily end-of-shift report
team at cert.at
Tue Oct 8 18:16:20 CEST 2019
=====================
= End-of-Day report =
=====================
Timeframe: Montag 07-10-2019 18:00 − Dienstag 08-10-2019 18:00
Handler: Dimitri Robl
Co-Handler: Stephan Richter
=====================
= News =
=====================
∗∗∗ D-Link Home Routers Open to Remote Takeover Will Remain Unpatched ∗∗∗
---------------------------------------------
CVE-2019-16920 allows remote unauthenticated attackers to execute code on a target device.
---------------------------------------------
https://threatpost.com/d-link-home-routers-unpatched/148941/
∗∗∗ Kriminelle versenden gefälschte Apple Rechnung ∗∗∗
---------------------------------------------
Kriminelle fälschen App Store Rechnungen und senden diese wahllos an zahlreiche E-Mail-Adressen. Angeblich wurden Spiele im Wert von rund 80 Euro per Kreditkarte gekauft. Für die Stornierung und Rückerstattung des Betrages haben besorgte EmpfängerInnen die Möglichkeit, einem Link zu folgen. Ignorieren Sie diese Rechnung und klicken Sie nicht auf den Link, denn dieser führt zu einer Phishing-Seite. Im schlimmsten Fall wird Ihr Computer mit Schadsoftware infiziert.
---------------------------------------------
https://www.watchlist-internet.at/news/kriminelle-versenden-gefaelschte-apple-rechnung/
∗∗∗ Zero-day published for old Joomla CMS versions ∗∗∗
---------------------------------------------
Proof-of-concept code available online; trivial to exploit.
---------------------------------------------
https://www.zdnet.com/article/zero-day-published-for-old-joomla-cms-versions/
=====================
= Vulnerabilities =
=====================
∗∗∗ Apple Releases Security Updates ∗∗∗
---------------------------------------------
Apple has released security updates to address vulnerabilities in multiple products. An attacker could exploit some of these vulnerabilities to take control of an affected system.
---------------------------------------------
https://www.us-cert.gov/ncas/current-activity/2019/10/08/apple-releases-security-updates
∗∗∗ Patchday: Google schließt zahlreiche kritische Android-Lücken ∗∗∗
---------------------------------------------
Zum Oktober-Patchday hat Google unter anderem die kürzlich von Project Zero veröffentlichte kritische Sicherheitslücke in Pixel 1 und 2 beseitigt.
---------------------------------------------
https://heise.de/-4548538
∗∗∗ Security updates for Tuesday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (openjpeg2, openssh, and xen), openSUSE (dovecot23, jasper, libseccomp, lxc, putty, and singularity), Red Hat (bind, kernel, polkit, python, and wget), and Ubuntu (unbound).
---------------------------------------------
https://lwn.net/Articles/801692/
∗∗∗ SAP Security Patch Day – October 2019 ∗∗∗
---------------------------------------------
[...] On 8th of October 2019, SAP Security Patch Day saw the release of 7 Security Notes. There is 1 update to previously released Patch Day [...]
---------------------------------------------
https://wiki.scn.sap.com/wiki/pages/viewpage.action?pageId=528123050
∗∗∗ All In One WP Security & Firewall <= 4.4.1 - Open Redirect & Hidden Login Page Exposure ∗∗∗
---------------------------------------------
https://wpvulndb.com/vulnerabilities/9898
∗∗∗ SSA-608355: Processor Vulnerabilities Affecting SIMATIC WinAC RTX (F) 2010 ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-608355.txt
∗∗∗ SSA-878278: Denial-of-Service Vulnerability in SIMATIC WinAC RTX (F) 2010 ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-878278.txt
∗∗∗ SSA-984700: Password Storage Vulnerability in SIMATIC IT UADM ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-984700.txt
∗∗∗ SSA-473245: Denial-of-Service Vulnerability in Profinet Devices ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-473245.txt
∗∗∗ SSA-349422: Denial-of-Service in Industrial Real-Time (IRT) Devices ∗∗∗
---------------------------------------------
https://cert-portal.siemens.com/productcert/txt/ssa-349422.txt
∗∗∗ IBM Security Bulletin: Multiple vulnerabilities affect IBM® SDK for Node.js™ in IBM Cloud ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-multiple-vulnerabilities-affect-ibm-sdk-for-node-js-in-ibm-cloud-4/
∗∗∗ IBM Security Bulletin: A vulnerability has been identified in IBM Spectrum Scale where the local attacker can obtain root privilege by injecting parameters into setuid files (CVE-2019-4558) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-a-vulnerability-has-been-identified-in-ibm-spectrum-scale-where-the-local-attacker-can-obtain-root-privilege-by-injecting-parameters-into-setuid-files-cve-2019-4558/
∗∗∗ IBM Security Bulletin: IBM Maximo Asset Management is vulnerable to Information Disclosure (CVE-2019-4512) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/ibm-security-bulletin-ibm-maximo-asset-management-is-vulnerable-to-information-disclosure-cve-2019-4512/
∗∗∗ Bash vulnerability CVE-2012-6711 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K05122252
∗∗∗ Linux kernel vulnerability CVE-2019-15505 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K28222050
--
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily
More information about the Daily
mailing list