[CERT-daily] Daily Summary - 03.08.2020

Daily end-of-shift report team at cert.at
Mon Aug 3 18:22:22 CEST 2020


=====================
= End-of-Day report =
=====================

Timeframe:   Friday 31-07-2020 18:00 − Monday 03-08-2020 18:00
Handler:     Dimitri Robl
Co-Handler:  Robert Waldner

=====================
=       News        =
=====================

∗∗∗ Warning about security vulnerability in Abus alarm systems ∗∗∗
---------------------------------------------
A new security vulnerability makes it possible to deactivate the alarm system remotely.
---------------------------------------------
https://futurezone.at/produkte/abus-alarmanlagen-warnung-vor-sicherheitsluecke/400989986


∗∗∗ The core of Apple is PPL: Breaking the XNU kernel's kernel ∗∗∗
---------------------------------------------
This bypass was reported as Project Zero issue 2035 and fixed in iOS 13.6; you can find a POC that demonstrates how to map arbitrary physical addresses into EL0 there.
---------------------------------------------
https://googleprojectzero.blogspot.com/2020/07/the-core-of-apple-is-ppl-breaking-xnu.html


∗∗∗ Emotet is back… and where are we? ∗∗∗
---------------------------------------------
A couple weeks ago, Emotet sprang back to life. The first new spam messages started flowing after a five month hiatus.
---------------------------------------------
https://team-cymru.com/2020/07/31/emotet-is-back-and-where-are-we/


∗∗∗ TCC protection in macOS "completely cracked" ∗∗∗
---------------------------------------------
A security expert has succeeded in bypassing Apple's otherwise draconian "entitlement checks". The problem has been patched.
---------------------------------------------
https://heise.de/-4860891


∗∗∗ Meetup fixes security flaws which could have allowed hackers to take over groups ∗∗∗
---------------------------------------------
Researchers at Checkmarx detail "Holy Grail" of two vulnerabilities, now patched.
---------------------------------------------
https://www.zdnet.com/article/meetup-fixes-security-flaws-which-could-have-allowed-hackers-to-take-over-groups/#ftag=RSSbaffb68



=====================
=  Vulnerabilities  =
=====================

∗∗∗ Drupal: Group - Critical - Information Disclosure - SA-CONTRIB-2020-030 ∗∗∗
---------------------------------------------
Security risk: Critical 15∕25 AC:None/A:None/CI:Some/II:None/E:Theoretical/TD:ALL
This vulnerability is mitigated by the fact that the victim must have the GroupNode plugin installed on their website and have no other hook_node_grants() implementations on their website aside from the one that was recently removed by Group. If you do not use the GroupNode plugin or still have hook_node_grants() implementing modules enabled, your site may not be affected.
Solution: Install the latest version
---------------------------------------------
https://www.drupal.org/sa-contrib-2020-030


∗∗∗ Security updates for Friday ∗∗∗
---------------------------------------------
Security updates have been issued by Debian (grub2 and mercurial), Fedora (chromium, firefox, and freerdp), Oracle (firefox and kernel), Red Hat (firefox), Scientific Linux (firefox, grub2, and kernel), and SUSE (ghostscript and targetcli-fb).
---------------------------------------------
https://lwn.net/Articles/827697/


∗∗∗ Security updates for Monday ∗∗∗
---------------------------------------------
Security updates have been issued by Arch Linux (ffmpeg, libjcat, mbedtls, tcpreplay, and wireshark-cli), Debian (ark, evolution-data-server, libjpeg-turbo, libopenmpt, libpam-radius-auth, libphp-phpmailer, libssh, ruby-zip, thunderbird, and transmission), Fedora (chromium, clamav, claws-mail, evolution-data-server, freerdp, glibc, java-latest-openjdk, nspr, and nss), Gentoo (libsndfile, pycrypto, python, snmptt, thunderbird, and webkit-gtk), Mageia (botan2, chocolate-doom, cloud-init, dnsmasq, freerdp/remmina, gssdp/gupnp, java-1.8.0-openjdk, matio, microcode, nasm, openjpeg2, pcre2, php-phpmailer, redis, roundcubemail, ruby-rack, thunderbird, virtualbox, xerces-c), openSUSE (claws-mail, ldb, libraw), Oracle (firefox), Red Hat (bind, grub2, grub2, grub2, grub2, grub2, kernel-rt, libvncserver, nss and nspr, qemu-kvm-rhev), Scientific Linux (firefox), Slackware (thunderbird), SUSE (claws-mail, ldb, libraw, firefox, kernel, kernel, targetcli-fb).
---------------------------------------------
https://lwn.net/Articles/827920/


∗∗∗ Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential Cross-Site Scripting (Reflected) vulnerability (CVE-2020-4560) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-financial-transaction-manager-for-high-value-payments-is-affected-by-a-potential-cross-site-scripting-reflected-vulnerability-cve-2020-4560/


∗∗∗ Security Bulletin: Watson Machine Learning Service is impacted by security vulnerabilities in OpenJDK 11 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-watson-machine-learning-service-is-impacted-by-security-vulnerabilities-in-openjdk-11/


∗∗∗ Security Bulletin: IBM i2 Analysts' Notebook and IBM i2 Analysts' Notebook Premium Memory vulnerabilities ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-ibm-i2-analysts-notebook-and-ibm-i2-analysts-notebook-premium-memory-vulnerabilities/


∗∗∗ Security Bulletin: Apr 2020 : Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-apr-2020-multiple-vulnerabilities-in-ibm-java-runtime-affect-cics-transaction-gateway/


∗∗∗ Security Bulletin: WebSphere Application Server is vulnerable to a remote code execution vulnerability (CVE-2020-4534) ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-websphere-application-server-is-vulnerable-to-a-remote-code-execution-vulnerability-cve-2020-4534/


∗∗∗ Security Bulletin: Financial Transaction Manager for High Value Payments is affected by a potential SQL Injection CVE-2020-4328 ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-financial-transaction-manager-for-high-value-payments-is-affected-by-a-potential-sql-injection-cve-2020-4328/


∗∗∗ Security Bulletin: Multiple vulnerabilities in IBM Java SDK affect AIX ∗∗∗
---------------------------------------------
https://www.ibm.com/blogs/psirt/security-bulletin-multiple-vulnerabilities-in-ibm-java-sdk-affect-aix-3/

-- 
CERT.at Daily mailing list
Listinfo: https://lists.cert.at/cgi-bin/mailman/listinfo/daily



