[CERT-daily] Tageszusammenfassung - 23.04.2020

Thu Apr 23 18:11:36 CEST 2020

=====================
= End-of-Day report =
=====================

Timeframe:   Mittwoch 22-04-2020 18:00 − Donnerstag 23-04-2020 18:00
Handler:     Stephan Richter
Co-Handler:  n/a

=====================
=       News        =
=====================

∗∗∗ iPhones durch Zero-Day-Lücken in Apple Mail angreifbar ∗∗∗
---------------------------------------------
iOS-Nutzer sollten die Mail-App vorübergehend nicht benutzen, warnen Sicherheitsforscher. Schwachstellen erlauben unbemerktes Code-Einschleusen.
---------------------------------------------
https://heise.de/-4707901


∗∗∗ New Data Center Requirements - Can You Help Host Shadowserver? ∗∗∗
---------------------------------------------
Shadowserver urgently needs to move our current data center by August 2020. We are blogging our data center requirements for hosting and colocation providers, or other companies who might be able to help provide a new home for our public benefit services for the global Internet. Please reach out and get in touch if you can help.
---------------------------------------------
https://www.shadowserver.org/news/new-data-center-requirements-can-you-help-host-shadowserver/


∗∗∗ Maze Ransomware – What You Need to Know ∗∗∗
---------------------------------------------
What’s this Maze thing I keep hearing about? Maze is a particularly sophisticated strain of Windows ransomware that has hit companies and organizations around the world and demanded that a cryptocurrency payment be made in exchange for the safe recovery of encrypted data. There’s been plenty of ransomware before. What makes Maze so special?
---------------------------------------------
https://www.tripwire.com/state-of-security/featured/maze-ransomware-what-you-need-to-know/


∗∗∗ Researchers Turn Antivirus Software Into Destructive Tools ∗∗∗
---------------------------------------------
A vulnerability impacting nearly all antivirus products out there could have been exploited to disable anti-malware protection or render the operating system unusable, RACK911 Labs security researchers reveal.
---------------------------------------------
https://www.securityweek.com/researchers-turn-antivirus-software-destructive-tools


=====================
=  Vulnerabilities  =
=====================

∗∗∗ Security updates for Thursday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (openssl), openSUSE (freeradius-server, kernel, thunderbird, and vlc), Oracle (git, java-1.7.0-openjdk, java-1.8.0-openjdk, and java-11-openjdk), SUSE (ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, [...]
---------------------------------------------
https://lwn.net/Articles/818481/


∗∗∗ Security Advisory - Three Out of Bounds Vulnerabilities in Several Smartphones ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200422-02-smartphone-en


∗∗∗ Security Advisory - Local Privilege Escalation Vulnerability in Huawei OSD Product ∗∗∗
---------------------------------------------
http://www.huawei.com/en/psirt/security-advisories/2020/huawei-sa-20200422-01-osd-en


∗∗∗ Security Bulletin: Multiple Vulnerabilities in IBM Java Runtime affect IBM Cognos Command Center ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-runtime-affect-ibm-cognos-command-center-2/


∗∗∗ Security Bulletin: IBM Security Guardium is affected by an OpenSSL vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-openssl-vulnerability-3/


∗∗∗ Security Bulletin: IBM Security Guardium is affected by an SQLite vulnerability ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-security-guardium-is-affected-by-an-sqlite-vulnerability/


∗∗∗ Security Bulletin: IBM NeXtScale Fan Power Controller (FPC) is affected by vulnerabilities in OpenSSL (CVE-2019-1547 and CVE-2019-1563) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-nextscale-fan-power-controller-fpc-is-affected-by-vulnerabilities-in-openssl-cve-2019-1547-and-cve-2019-1563/


∗∗∗ Security Bulletin: A vulnerability in IBM WebSphere Application Server Liberty affects IBM Spectrum Scale packaged in IBM Elastic Storage System 3000(CVE-2019-4720) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-websphere-application-server-liberty-affects-ibm-spectrum-scale-packaged-in-ibm-elastic-storage-system-3000cve-2019-4720/


∗∗∗ Security Bulletin: Vulnerability in IBM WebSphere Liberty Profile affects IBM Spectrum Symphony and IBM Platform Symphony ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-vulnerability-in-ibm-websphere-liberty-profile-affects-ibm-spectrum-symphony-and-ibm-platform-symphony/


∗∗∗ Security Bulletin: IBM Tivoli Monitoring insufficient default file/folder permissions on windows. ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-tivoli-monitoring-insufficient-default-file-folder-permissions-on-windows/


∗∗∗ Security Bulletin: A vulnerability in IBM Java SDK affects IBM Elastic Storage System (CVE-2020-2654) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-a-vulnerability-in-ibm-java-sdk-affects-ibm-elastic-storage-system-cve-2020-2654/


∗∗∗ Security Bulletin: IBM QRadar SIEM is vulnerable to side channel attack with Intel CPUs (CVE-2019-11135) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-qradar-siem-is-vulnerable-to-side-channel-attack-with-intel-cpus-cve-2019-11135/


∗∗∗ NGINX Controller sensitive command-line arguments vulnerability CVE-2020-5866 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K11922628


∗∗∗ NGINX Controller vulnerability CVE-2020-5864 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K27205552


∗∗∗ NGINX Controller insecure database transport vulnerability CVE-2020-5865 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K21009022


∗∗∗ NGINX Controller vulnerability CVE-2020-5867 ∗∗∗
---------------------------------------------
https://support.f5.com/csp/article/K00958787


∗∗∗ HPESBHF03988 rev.1 - HPE Onboard Administrator, Remote Reflected Cross Site Scripting ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03988en_us


∗∗∗ HPESBNS03996 rev.1 - HPE NonStop Blade Maintenance Entity, Integrated Maintenance Entity and Maintenance Entity, Multiple Remote Vulnerabilities ∗∗∗
---------------------------------------------
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbns03996en_us


∗∗∗ Squid: Schwachstelle ermöglicht Ausführen von beliebigem Programmcode ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0360


∗∗∗ Red Hat JBoss A-MQ: Schwachstelle ermöglicht Denial of Service ∗∗∗
---------------------------------------------
http://www.cert-bund.de/advisoryshort/CB-K20-0361

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily